This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject

NetWitness Community

  • Home
  • Products
    • NetWitness Platform
      • Advisories
      • Documentation
        • Platform Documentation
        • Known Issues
        • Security Fixes
        • Hardware Documentation
        • Threat Content
        • Unified Data Model
        • Videos
      • Downloads
      • Integrations
      • Knowledge Base
    • NetWitness Cloud SIEM
      • Advisories
      • Documentation
      • Knowledge Base
    • NetWitness Detect AI
      • Advisories
      • Documentation
      • Knowledge Base
    • NetWitness Investigator
    • NetWitness Orchestrator
      • Advisories
      • Documentation
      • Knowledge Base
      • Legacy NetWitness Orchestrator
        • Advisories
        • Documentation
  • Community
    • Blog
    • Discussions
    • Events
    • Idea Exchange
  • Support
    • Case Portal
      • Create New Case
      • View My Cases
      • View My Team's Cases
    • Community Support
      • Getting Started
      • News & Announcements
      • Community Support Forum
      • Community Support Articles
    • Product Life Cycle
    • Support Information
    • General Security Advisories
  • Training
    • Blog
    • Certification Program
    • Course Catalog
      • Netwitness XDR
      • EC-Council Training
    • New Product Readiness
    • On-Demand Subscriptions
    • Student Resources
    • Upcoming Events
    • Role-Based Training
  • Technology Partners
  • Trust Center
Sign InRegister Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
AlexeyFedorov
AlexeyFedorov Frequent Contributor
Frequent Contributor
since ‎2016-01-15
‎2022-02-16

User Statistics

  • 68 Posts
  • 0 Solutions
  • 30 Likes given
  • 15 Likes received
Making Yourself at Home
Welcome Back!
Stamps of Approval
Someone Likes You
View all badges
Announcement Banner

Scheduled maintenance for single sign-on for communities and myRSA on January 26th

View Details
  • NetWitness Community
  • About AlexeyFedorov

User Activity

  • Posts
  • Replies

Migrate to new appliance

by AlexeyFedorov 2018-11-19 general.in NetWitness Discussions • latest reply by JohnKisner 2019-11-04
2018-11-19
Hello, Is it proper way to migrate collected data (metadb, packetdb, sessiondb) to new appliance? For example we have appliances series 4 (SA Server, LogHybrid) 10.6.x (or 11) version and want to migrate our data to new appliances series 6 (SA Server...

RabbitMQ Message Broker Alert

by AlexeyFedorov 2018-11-13 general.in NetWitness Discussions • latest reply by RenatoGoncalves 2018-12-14
2018-11-13
Hello, We have alert "Critical Filesystem Usage on Rabbitmq Message Broker" into Health & Wellness tab. Since RabbitMQ directory was moved from /var/lib/rabbitmq to /var/netwitness/rabbitmq on 11 version how we can manage our disk space (/var/netwitn...

Using Lists into ESA Rules

by AlexeyFedorov 2018-02-15 general.in NetWitness Discussions • latest reply by BijuVasudevan 2018-09-29
2018-02-15
Hello, Can I use List from Reporting module into ESA Rules?For example I have few ESA Rules where I filter many source IP addresses. I want to create one List and use it List into all my ESA Rules. Can I do it? How?

Remote collect files from SFTP Agent

by AlexeyFedorov 2018-01-12 general.in NetWitness Discussions • latest reply by DaveGlover 2018-01-15
2018-01-12
Hello, Somebody has positive experience of collecting files through SFTP Agent from remote server? I have Windows cluster and I want to collect files from another server through windows share. I create share on Windows claster and use config like: fi...

Behavioral Analysis

by AlexeyFedorov 2016-05-19 general.in NetWitness Discussions
2016-05-19
My current and potential customers want to have behavioral analysis. Unfortunately this mechanism is absent out of the box. Maybe somebody has EPL rules and can share it? I have few suggestion about behavioral analysis rule: 1. If user (IP) has X con...
View more

Re: RabbitMQ Message Broker Alert

by AlexeyFedorov 2018-12-14 general.in NetWitness Discussions
2018-12-14
Hello Renato, No, deleting the erl_crash.dump has no influence to result. The problem looks more complicated how I think. If you will try to install (fresh install 11.x version) LogHybrid or PacketHybrid you will see that Decoder and Concentrator use...

Re: Using Lists into ESA Rules

by AlexeyFedorov 2018-02-21 general.in NetWitness Discussions
2018-02-21
Hello Sravan, Could you provide an example how should it looks for exclude 10 Source IP from ESA Rule?

Re: Remote collect files from SFTP Agent

by AlexeyFedorov 2018-01-15 general.in NetWitness Discussions
2018-01-15
This is ERRORLOG file from Microsoft SQL Server. This is link to this file: ERRORLOG

Re: Remote collect files from SFTP Agent

by AlexeyFedorov 2018-01-12 general.in NetWitness Discussions
2018-01-12
Dave, The directory is correct. I use Netwitness 11 and it is work for other SFTP Agents. The problem on the SFTP Agent side (before transfer the file to Netwitness). The file reading not correct due to encoding of the file (not ANSI).

Re: Changes to be done in cef.xml to support unknown CEF logs

by AlexeyFedorov 2016-07-04 general.in NetWitness Discussions • latest reply by DavidWaugh1 2016-09-21
2016-07-04
Hello David, Can I create my custom CEF parser? I have my own event source send logs by CEF. I wish add some new mapping but I don't want to unsubscribe from CEF parser in RSA Live.
View more
Likes from
User Count
Anonymous
4
PavelBaturin
PavelBaturin Seeker
1
TiagoCardoso
TiagoCardoso Beginner
2
NathanChurch1
NathanChurch1 Beginner
1
JohnTyson1
JohnTyson1 Beginner
2
View all
Likes given to
User Count
AmarnathPai
AmarnathPai Beginner
1
NikolayKlender
NikolayKlender Contributor
2
DavidWaugh1
Employee DavidWaugh1
23
WilliamMotley1
Frequent Contributor WilliamMotley1 Frequent Contributor
1
DaveGlover
Trusted Contributor DaveGlover Trusted Contributor
1
View all
Powered by Khoros
  • Blog
  • Events
  • Discussions
  • Idea Exchange
  • Knowledge Base
  • Case Portal
  • Community Support
  • Product Life Cycle
  • Support Information
  • About the Community
  • Terms & Conditions
  • Privacy Statement
  • Acceptable Use Policy
  • Employee Login
© 2022 RSA Security LLC or its affiliates. All rights reserved.